Various techniques exist for securing containers in a multi-tenanted environment, from encrypted virtual machines through to Intel SGX application enclaves. However, these seem best suited to stateless workloads. How can persistent data be handled in a zero-trust environment when the underlying kernel is an inherent part of the data path and implements the filesystem?
This talk describes the state of the art and discusses current implementation options. It covers ongoing work and looks further ahead to the CHERI research project from the University of Cambridge, with its promise of fine-grained data access controls through hardware capabilities.